package com.patterns.design.security.web.struts.sample1.action;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.owasp.esapi.Encoder;

import com.patterns.design.security.web.struts.common.BaseAction;
import com.patterns.design.security.web.struts.sample1.form.SampleForm;

/**
 * Struts action that fills a {@link SampleForm} with two fixed strings of active
 * markup and then returns the mapping's input forward.
 *
 * <p>Security note: both strings are deliberately hostile test fixtures (a
 * {@code <script>} block and an inline {@code onclick} handler that reads
 * {@code document.cookie}). They are stored on the form exactly as written, so any
 * view that prints them must encode them for its output context (HTML body,
 * attribute, JavaScript); otherwise the browser will execute them.
 *
 * <p>NOTE(review): {@link #encodeData(Encoder)} is empty in this class, so no encoding
 * happens here. Whether {@code BaseAction} or the view encodes these values is not
 * visible from this file; confirm before reusing the pattern.
 */
public class InputAction extends BaseAction {

	/** Fixture: bold text followed by an inline script block. Kept verbatim. */
	private static final String HTML_WITH_SCRIPT_BLOCK =
			"<b>hello</b><script type=\"text/javascript\">alert(\"I am an alert box!\");</script>";

	/** Fixture: a div whose onclick handler reads document.cookie. Kept verbatim. */
	private static final String HTML_WITH_INLINE_HANDLER =
			"<div id='myDiv' style='color:#00FF00' onclick=\"javascript:alert('hidden onclik event!'+document.cookie);\"> click me </div>";

	/**
	 * Populates the form with the two markup fixtures and forwards to the input view.
	 *
	 * @param mapping  Struts mapping; its input forward is the return value
	 * @param form     form bean for this request; cast to {@link SampleForm}
	 * @param request  current servlet request (not read by this method)
	 * @param response current servlet response (not written by this method)
	 * @return the result of {@code mapping.getInputForward()}
	 * @throws Exception declared by the overridden method; a {@link ClassCastException}
	 *                   is raised if {@code form} is not a {@link SampleForm}
	 */
	@Override
	public ActionForward executeAction(ActionMapping mapping, ActionForm form,
			HttpServletRequest request, HttpServletResponse response)
			throws Exception {
		final SampleForm target = (SampleForm) form;

		// Raw, unencoded values: output encoding is the renderer's responsibility.
		target.setHtmlWithJSInScript(HTML_WITH_SCRIPT_BLOCK);
		target.setHtmlWithJSInDiv(HTML_WITH_INLINE_HANDLER);

		return mapping.getInputForward();
	}

	/**
	 * Encoding hook; this action leaves it empty and never touches the encoder.
	 *
	 * @param encoder ESAPI encoder supplied by the caller (unused here)
	 * @throws Exception declared by the overridden method; never thrown by this body
	 */
	@Override
	public void encodeData(Encoder encoder) throws Exception {
		// Intentionally empty: nothing is encoded by this action.
	}

}
